Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
turns out there were 5 old customer air routers still on network we missed. They got hit (props to shadowserver) but looking at it is weird, the old AC2 server i never got around to shutting off still had one of them in it. the malware hit it, dropped the firmware down to one version, then down to another. Weird, I assume it was opening it up to other vulnerabilities. one of them wouldnt take the first firmware update after locking it down, had the not enough free memory error. I couldnt find any files floating in it, but im wondering if that second firmware downgrade was a hacked firmware On Wed, Feb 6, 2019 at 9:52 AM Mathew Howard wrote: > I don't see any Mikrotik stuff that's really any less expensive than the > bottom end UBNT (I'm talking LiteBeams and NanoStation Locos here), but > yeah, the Mikrotik prices are close enough that it doesn't make any > difference. > > On Wed, Feb 6, 2019 at 7:13 AM Mike Hammett wrote: > >> I think Mikrotik is still less expensive on the low end. >> >> >> >> - >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ---------- >> *From: *"Mathew Howard" >> *To: *"AnimalFarm Microwave Users Group" >> *Sent: *Tuesday, February 5, 2019 10:26:53 PM >> *Subject: *Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >> attack | ZDNet >> >> Indeed... I think you could consider most of the airFiber products >> high-grade. >> >> But most of that other stuff is relatively ancient at this point... if >> companies like Tranzeo are even still in business, I can't imagine who is >> still using it, or why. When it comes to price, I don't think there's >> really anything that can beat the low end Ubiquiti stuff. >> >> On Tue, Feb 5, 2019 at 9:25 PM Adam Moffett wrote: >> >>> .and knowing that our friends at Ubiquiti are on this list as well, >>> I feel I should point out that they make a lot of useful products and that >>> in spite of our trash talking it's likely that every single one of us has >>> found a use for something Ubqiuiti in their network. >>> >>> And maybe that multipoint LTU thing will rock our socks when it comes >>> out in like 16 more years. >>> >>> >>> On 2/5/2019 10:18 PM, Bill Prince wrote: >>> >>> Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. >>> >>> -- >>> bp >>> part15sbs{at}gmail{dot}com >>> >>> >>> On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett wrote: >>> >>>> SmartBridges >>>> WaveNet IP >>>> >>>> I'm not saying Ubiquiti is "high grade", but it's higher than some. >>>> It's not a Ceragon IP20, but it's certainly a contender for the highest of >>>> the low grade. >>>> >>>> >>>> On 2/5/2019 5:10 PM, Colin Stanners wrote: >>>> >>>> Ubnt's AirFiber platform is great (as long as you don't need spatial >>>> diversity), I think we can all agree it's high-grade. But many of their >>>> other platforms suffer from the "let's develop random new products instead >>>> of fixing major bugs" issue so I wouldn't call them high-grade. >>>> >>>> What is definitely lower grade: >>>> -WRT54Gs in tupperware (still funny that this is how some WISPs started) >>>> -anything Tranzeo >>>> -Skypilot >>>> >>>> On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard >>>> wrote: >>>> >>>>> Can you get lower grade WISP equipment? >>>>> >>>>> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett >>>>> wrote: >>>>> >>>>>> it's all relative >>>>>> >>>>>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>>>>> >>>>>> &q
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
I don't see any Mikrotik stuff that's really any less expensive than the bottom end UBNT (I'm talking LiteBeams and NanoStation Locos here), but yeah, the Mikrotik prices are close enough that it doesn't make any difference. On Wed, Feb 6, 2019 at 7:13 AM Mike Hammett wrote: > I think Mikrotik is still less expensive on the low end. > > > > - > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > -- > *From: *"Mathew Howard" > *To: *"AnimalFarm Microwave Users Group" > *Sent: *Tuesday, February 5, 2019 10:26:53 PM > *Subject: *Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new > attack | ZDNet > > Indeed... I think you could consider most of the airFiber products > high-grade. > > But most of that other stuff is relatively ancient at this point... if > companies like Tranzeo are even still in business, I can't imagine who is > still using it, or why. When it comes to price, I don't think there's > really anything that can beat the low end Ubiquiti stuff. > > On Tue, Feb 5, 2019 at 9:25 PM Adam Moffett wrote: > >> .and knowing that our friends at Ubiquiti are on this list as well, I >> feel I should point out that they make a lot of useful products and that in >> spite of our trash talking it's likely that every single one of us has >> found a use for something Ubqiuiti in their network. >> >> And maybe that multipoint LTU thing will rock our socks when it comes out >> in like 16 more years. >> >> >> On 2/5/2019 10:18 PM, Bill Prince wrote: >> >> Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. >> >> -- >> bp >> part15sbs{at}gmail{dot}com >> >> >> On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett wrote: >> >>> SmartBridges >>> WaveNet IP >>> >>> I'm not saying Ubiquiti is "high grade", but it's higher than some. >>> It's not a Ceragon IP20, but it's certainly a contender for the highest of >>> the low grade. >>> >>> >>> On 2/5/2019 5:10 PM, Colin Stanners wrote: >>> >>> Ubnt's AirFiber platform is great (as long as you don't need spatial >>> diversity), I think we can all agree it's high-grade. But many of their >>> other platforms suffer from the "let's develop random new products instead >>> of fixing major bugs" issue so I wouldn't call them high-grade. >>> >>> What is definitely lower grade: >>> -WRT54Gs in tupperware (still funny that this is how some WISPs started) >>> -anything Tranzeo >>> -Skypilot >>> >>> On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard >>> wrote: >>> >>>> Can you get lower grade WISP equipment? >>>> >>>> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett >>>> wrote: >>>> >>>>> it's all relative >>>>> >>>>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>>>> >>>>> "Most affected devices are high-grade WISP equipment" >>>>> >>>>> >>>>> >>>>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >>>>> wrote: >>>>> >>>>>> am i the only one who shuts off discovery? >>>>>> >>>>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>>>>> >>>>>>> Is it my imagination, or does that article veer off toward the end >>>>>>> into stuff that may not be Ubiquiti problems at all? And from the >>>>>>> description of the problem, I don’t see how it would lead to radios >>>>>>> being >>>>>>> “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. >>>>>>> >>>>>>> >>>>>>> >>>>>>> *From:* AF *On Behalf Of *Jaime Solorza >>>>>>
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
I think Mikrotik is still less expensive on the low end. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "Mathew Howard" To: "AnimalFarm Microwave Users Group" Sent: Tuesday, February 5, 2019 10:26:53 PM Subject: Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet Indeed... I think you could consider most of the airFiber products high-grade. But most of that other stuff is relatively ancient at this point... if companies like Tranzeo are even still in business, I can't imagine who is still using it, or why. When it comes to price, I don't think there's really anything that can beat the low end Ubiquiti stuff. On Tue, Feb 5, 2019 at 9:25 PM Adam Moffett < dmmoff...@gmail.com > wrote: .and knowing that our friends at Ubiquiti are on this list as well, I feel I should point out that they make a lot of useful products and that in spite of our trash talking it's likely that every single one of us has found a use for something Ubqiuiti in their network. And maybe that multipoint LTU thing will rock our socks when it comes out in like 16 more years. On 2/5/2019 10:18 PM, Bill Prince wrote: Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. -- bp part15sbs{at}gmail{dot}com On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett < dmmoff...@gmail.com > wrote: SmartBridges WaveNet IP I'm not saying Ubiquiti is "high grade", but it's higher than some. It's not a Ceragon IP20, but it's certainly a contender for the highest of the low grade. On 2/5/2019 5:10 PM, Colin Stanners wrote: Ubnt's AirFiber platform is great (as long as you don't need spatial diversity), I think we can all agree it's high-grade. But many of their other platforms suffer from the "let's develop random new products instead of fixing major bugs" issue so I wouldn't call them high-grade. What is definitely lower grade: -WRT54Gs in tupperware (still funny that this is how some WISPs started) -anything Tranzeo -Skypilot On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard < mhoward...@gmail.com > wrote: Can you get lower grade WISP equipment? On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett < dmmoff...@gmail.com > wrote: it's all relative On 2/5/2019 10:28 AM, Mathew Howard wrote: "Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones < thatoneguyst...@gmail.com > wrote: am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof < af...@kwisp.com > wrote: Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. From: AF < af-boun...@af.afmug.com > On Behalf Of Jaime Solorza Sent: Monday, February 4, 2019 7:00 PM To: AnimalFarm Microwave Users Group < af@af.afmug.com > Subject: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Hi we are ubiquiti and we like to sue our customers. -Sean On Tue, Feb 5, 2019 at 8:20 PM Bill Prince wrote: > Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. > > -- > bp > part15sbs{at}gmail{dot}com > > > On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett wrote: > >> SmartBridges >> WaveNet IP >> >> I'm not saying Ubiquiti is "high grade", but it's higher than some. It's >> not a Ceragon IP20, but it's certainly a contender for the highest of the >> low grade. >> >> >> On 2/5/2019 5:10 PM, Colin Stanners wrote: >> >> Ubnt's AirFiber platform is great (as long as you don't need spatial >> diversity), I think we can all agree it's high-grade. But many of their >> other platforms suffer from the "let's develop random new products instead >> of fixing major bugs" issue so I wouldn't call them high-grade. >> >> What is definitely lower grade: >> -WRT54Gs in tupperware (still funny that this is how some WISPs started) >> -anything Tranzeo >> -Skypilot >> >> On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard >> wrote: >> >>> Can you get lower grade WISP equipment? >>> >>> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett >>> wrote: >>> >>>> it's all relative >>>> >>>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>>> >>>> "Most affected devices are high-grade WISP equipment" >>>> >>>> >>>> >>>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >>>> wrote: >>>> >>>>> am i the only one who shuts off discovery? >>>>> >>>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>>>> >>>>>> Is it my imagination, or does that article veer off toward the end >>>>>> into stuff that may not be Ubiquiti problems at all? And from the >>>>>> description of the problem, I don’t see how it would lead to radios being >>>>>> “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. >>>>>> >>>>>> >>>>>> >>>>>> *From:* AF *On Behalf Of *Jaime Solorza >>>>>> *Sent:* Monday, February 4, 2019 7:00 PM >>>>>> *To:* AnimalFarm Microwave Users Group >>>>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>>>>> attack | ZDNet >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>>>> -- >>>>>> AF mailing list >>>>>> AF@af.afmug.com >>>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>>> >>>>> -- >>>>> AF mailing list >>>>> AF@af.afmug.com >>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>> >>>> >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Indeed... I think you could consider most of the airFiber products high-grade. But most of that other stuff is relatively ancient at this point... if companies like Tranzeo are even still in business, I can't imagine who is still using it, or why. When it comes to price, I don't think there's really anything that can beat the low end Ubiquiti stuff. On Tue, Feb 5, 2019 at 9:25 PM Adam Moffett wrote: > .and knowing that our friends at Ubiquiti are on this list as well, I > feel I should point out that they make a lot of useful products and that in > spite of our trash talking it's likely that every single one of us has > found a use for something Ubqiuiti in their network. > > And maybe that multipoint LTU thing will rock our socks when it comes out > in like 16 more years. > > > On 2/5/2019 10:18 PM, Bill Prince wrote: > > Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. > > -- > bp > part15sbs{at}gmail{dot}com > > > On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett wrote: > >> SmartBridges >> WaveNet IP >> >> I'm not saying Ubiquiti is "high grade", but it's higher than some. It's >> not a Ceragon IP20, but it's certainly a contender for the highest of the >> low grade. >> >> >> On 2/5/2019 5:10 PM, Colin Stanners wrote: >> >> Ubnt's AirFiber platform is great (as long as you don't need spatial >> diversity), I think we can all agree it's high-grade. But many of their >> other platforms suffer from the "let's develop random new products instead >> of fixing major bugs" issue so I wouldn't call them high-grade. >> >> What is definitely lower grade: >> -WRT54Gs in tupperware (still funny that this is how some WISPs started) >> -anything Tranzeo >> -Skypilot >> >> On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard >> wrote: >> >>> Can you get lower grade WISP equipment? >>> >>> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett >>> wrote: >>> >>>> it's all relative >>>> >>>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>>> >>>> "Most affected devices are high-grade WISP equipment" >>>> >>>> >>>> >>>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >>>> wrote: >>>> >>>>> am i the only one who shuts off discovery? >>>>> >>>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>>>> >>>>>> Is it my imagination, or does that article veer off toward the end >>>>>> into stuff that may not be Ubiquiti problems at all? And from the >>>>>> description of the problem, I don’t see how it would lead to radios being >>>>>> “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. >>>>>> >>>>>> >>>>>> >>>>>> *From:* AF *On Behalf Of *Jaime Solorza >>>>>> *Sent:* Monday, February 4, 2019 7:00 PM >>>>>> *To:* AnimalFarm Microwave Users Group >>>>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>>>>> attack | ZDNet >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>>>> -- >>>>>> AF mailing list >>>>>> AF@af.afmug.com >>>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>>> >>>>> -- >>>>> AF mailing list >>>>> AF@af.afmug.com >>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>> >>>> >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
.and knowing that our friends at Ubiquiti are on this list as well, I feel I should point out that they make a lot of useful products and that in spite of our trash talking it's likely that every single one of us has found a use for something Ubqiuiti in their network. And maybe that multipoint LTU thing will rock our socks when it comes out in like 16 more years. On 2/5/2019 10:18 PM, Bill Prince wrote: Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. -- bp part15sbs{at}gmail{dot}com On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett <mailto:dmmoff...@gmail.com>> wrote: SmartBridges WaveNet IP I'm not saying Ubiquiti is "high grade", but it's higher than some. It's not a Ceragon IP20, but it's certainly a contender for the highest of the low grade. On 2/5/2019 5:10 PM, Colin Stanners wrote: Ubnt's AirFiber platform is great (as long as you don't need spatial diversity), I think we can all agree it's high-grade. But many of their other platforms suffer from the "let's develop random new products instead of fixing major bugs" issue so I wouldn't call them high-grade. What is definitely lower grade: -WRT54Gs in tupperware (still funny that this is how some WISPs started) -anything Tranzeo -Skypilot On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard mailto:mhoward...@gmail.com>> wrote: Can you get lower grade WISP equipment? On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett mailto:dmmoff...@gmail.com>> wrote: it's all relative On 2/5/2019 10:28 AM, Mathew Howard wrote: "Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones mailto:thatoneguyst...@gmail.com>> wrote: am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof mailto:af...@kwisp.com>> wrote: Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. *From:* AF mailto:af-boun...@af.afmug.com>> *On Behalf Of *Jaime Solorza *Sent:* Monday, February 4, 2019 7:00 PM *To:* AnimalFarm Microwave Users Group mailto:af@af.afmug.com>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
You're hired. You can be my new marketing guy. On 2/5/2019 10:18 PM, Bill Prince wrote: Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. -- bp part15sbs{at}gmail{dot}com On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett <mailto:dmmoff...@gmail.com>> wrote: SmartBridges WaveNet IP I'm not saying Ubiquiti is "high grade", but it's higher than some. It's not a Ceragon IP20, but it's certainly a contender for the highest of the low grade. On 2/5/2019 5:10 PM, Colin Stanners wrote: Ubnt's AirFiber platform is great (as long as you don't need spatial diversity), I think we can all agree it's high-grade. But many of their other platforms suffer from the "let's develop random new products instead of fixing major bugs" issue so I wouldn't call them high-grade. What is definitely lower grade: -WRT54Gs in tupperware (still funny that this is how some WISPs started) -anything Tranzeo -Skypilot On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard mailto:mhoward...@gmail.com>> wrote: Can you get lower grade WISP equipment? On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett mailto:dmmoff...@gmail.com>> wrote: it's all relative On 2/5/2019 10:28 AM, Mathew Howard wrote: "Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones mailto:thatoneguyst...@gmail.com>> wrote: am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof mailto:af...@kwisp.com>> wrote: Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. *From:* AF mailto:af-boun...@af.afmug.com>> *On Behalf Of *Jaime Solorza *Sent:* Monday, February 4, 2019 7:00 PM *To:* AnimalFarm Microwave Users Group mailto:af@af.afmug.com>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Hi we're Ubiquiti, and we don't suck nearly as bad as Tranzeo. -- bp part15sbs{at}gmail{dot}com On Tue, Feb 5, 2019 at 7:13 PM Adam Moffett wrote: > SmartBridges > WaveNet IP > > I'm not saying Ubiquiti is "high grade", but it's higher than some. It's > not a Ceragon IP20, but it's certainly a contender for the highest of the > low grade. > > > On 2/5/2019 5:10 PM, Colin Stanners wrote: > > Ubnt's AirFiber platform is great (as long as you don't need spatial > diversity), I think we can all agree it's high-grade. But many of their > other platforms suffer from the "let's develop random new products instead > of fixing major bugs" issue so I wouldn't call them high-grade. > > What is definitely lower grade: > -WRT54Gs in tupperware (still funny that this is how some WISPs started) > -anything Tranzeo > -Skypilot > > On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard wrote: > >> Can you get lower grade WISP equipment? >> >> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett wrote: >> >>> it's all relative >>> >>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>> >>> "Most affected devices are high-grade WISP equipment" >>> >>> >>> >>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >>> wrote: >>> >>>> am i the only one who shuts off discovery? >>>> >>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>>> >>>>> Is it my imagination, or does that article veer off toward the end >>>>> into stuff that may not be Ubiquiti problems at all? And from the >>>>> description of the problem, I don’t see how it would lead to radios being >>>>> “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. >>>>> >>>>> >>>>> >>>>> *From:* AF *On Behalf Of *Jaime Solorza >>>>> *Sent:* Monday, February 4, 2019 7:00 PM >>>>> *To:* AnimalFarm Microwave Users Group >>>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>>>> attack | ZDNet >>>>> >>>>> >>>>> >>>>> >>>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>>> -- >>>>> AF mailing list >>>>> AF@af.afmug.com >>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> >>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
SmartBridges WaveNet IP I'm not saying Ubiquiti is "high grade", but it's higher than some. It's not a Ceragon IP20, but it's certainly a contender for the highest of the low grade. On 2/5/2019 5:10 PM, Colin Stanners wrote: Ubnt's AirFiber platform is great (as long as you don't need spatial diversity), I think we can all agree it's high-grade. But many of their other platforms suffer from the "let's develop random new products instead of fixing major bugs" issue so I wouldn't call them high-grade. What is definitely lower grade: -WRT54Gs in tupperware (still funny that this is how some WISPs started) -anything Tranzeo -Skypilot On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard <mailto:mhoward...@gmail.com>> wrote: Can you get lower grade WISP equipment? On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett mailto:dmmoff...@gmail.com>> wrote: it's all relative On 2/5/2019 10:28 AM, Mathew Howard wrote: "Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones mailto:thatoneguyst...@gmail.com>> wrote: am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof mailto:af...@kwisp.com>> wrote: Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. *From:* AF mailto:af-boun...@af.afmug.com>> *On Behalf Of *Jaime Solorza *Sent:* Monday, February 4, 2019 7:00 PM *To:* AnimalFarm Microwave Users Group mailto:af@af.afmug.com>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Ubnt's AirFiber platform is great (as long as you don't need spatial diversity), I think we can all agree it's high-grade. But many of their other platforms suffer from the "let's develop random new products instead of fixing major bugs" issue so I wouldn't call them high-grade. What is definitely lower grade: -WRT54Gs in tupperware (still funny that this is how some WISPs started) -anything Tranzeo -Skypilot On Tue, Feb 5, 2019 at 3:21 PM Mathew Howard wrote: > Can you get lower grade WISP equipment? > > On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett wrote: > >> it's all relative >> >> On 2/5/2019 10:28 AM, Mathew Howard wrote: >> >> "Most affected devices are high-grade WISP equipment" >> >> >> >> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >> wrote: >> >>> am i the only one who shuts off discovery? >>> >>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>> >>>> Is it my imagination, or does that article veer off toward the end into >>>> stuff that may not be Ubiquiti problems at all? And from the description >>>> of the problem, I don’t see how it would lead to radios being “defaced”, >>>> just used as an amplifier via Ubiquiti Discovery Protocol. >>>> >>>> >>>> >>>> *From:* AF *On Behalf Of *Jaime Solorza >>>> *Sent:* Monday, February 4, 2019 7:00 PM >>>> *To:* AnimalFarm Microwave Users Group >>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>>> attack | ZDNet >>>> >>>> >>>> >>>> >>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
We addressed the weak DDOS amplification in 2017 based on a report to our Bug Bounty Program ( https://hackerone.com/ubnt ), but this article seems to be associating any and all security issues from the last and representing them as new. There is a security report related to the discovery protocol that is under investigation that in some cases can lead to the radio losing management access until a reboot. Restricting access to discovery on public-facing radios would be a good step to take until we have more info on the management + discovery bug. In v8.5.8 we added the option to limit management/discovery access by subnet/cidr to further simplify protecting radios (router mode only) 8.3.2 (XC, WA) Changelog / September 1, 2017 New: Add support for RFC 6598 (CGN) private IP responses via Discovery 8.1.3 (XC, WA) Changelog / June 2, 2017 Use TCP protocol instead of UDP for UBNT discovery queries from Public IPs 6.0.7 (XM/XW/TI) Changelog / September 8, 2017 New: * New: Add support for RFC 6598 (CGN) private IP responses via Discovery 6.0.4 (XM/XW/TI) Changelog / May 5, 2017 Fix: Limit discovery response to queries from private subnets or multicast/broadcast On Tue, Feb 5, 2019 at 4:44 PM Matt Hoppes < mattli...@rivervalleyinternet.net> wrote: > Ubiquiti claims it can’t be used as an amplifier. I’m not sure how I > believe them. > > On Feb 5, 2019, at 4:19 PM, Mathew Howard wrote: > > Can you get lower grade WISP equipment? > > On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett wrote: > >> it's all relative >> >> On 2/5/2019 10:28 AM, Mathew Howard wrote: >> >> "Most affected devices are high-grade WISP equipment" >> >> >> >> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >> wrote: >> >>> am i the only one who shuts off discovery? >>> >>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>> >>>> Is it my imagination, or does that article veer off toward the end into >>>> stuff that may not be Ubiquiti problems at all? And from the description >>>> of the problem, I don’t see how it would lead to radios being “defaced”, >>>> just used as an amplifier via Ubiquiti Discovery Protocol. >>>> >>>> >>>> >>>> *From:* AF *On Behalf Of *Jaime Solorza >>>> *Sent:* Monday, February 4, 2019 7:00 PM >>>> *To:* AnimalFarm Microwave Users Group >>>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>>> attack | ZDNet >>>> >>>> >>>> >>>> >>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Ubiquiti claims it can’t be used as an amplifier. I’m not sure how I believe them. > On Feb 5, 2019, at 4:19 PM, Mathew Howard wrote: > > Can you get lower grade WISP equipment? > >> On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett wrote: >> it's all relative >> >>> On 2/5/2019 10:28 AM, Mathew Howard wrote: >>> "Most affected devices are high-grade WISP equipment" >>> >>> >>> >>>> On Tue, Feb 5, 2019 at 9:23 AM Steve Jones >>>> wrote: >>>> am i the only one who shuts off discovery? >>>> >>>>> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >>>>> Is it my imagination, or does that article veer off toward the end into >>>>> stuff that may not be Ubiquiti problems at all? And from the description >>>>> of the problem, I don’t see how it would lead to radios being “defaced”, >>>>> just used as an amplifier via Ubiquiti Discovery Protocol. >>>>> >>>>> >>>>> >>>>> From: AF On Behalf Of Jaime Solorza >>>>> Sent: Monday, February 4, 2019 7:00 PM >>>>> To: AnimalFarm Microwave Users Group >>>>> Subject: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack >>>>> | ZDNet >>>>> >>>>> >>>>> >>>>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>>>> >>>>> -- >>>>> AF mailing list >>>>> AF@af.afmug.com >>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Can you get lower grade WISP equipment? On Tue, Feb 5, 2019 at 12:51 PM Adam Moffett wrote: > it's all relative > > On 2/5/2019 10:28 AM, Mathew Howard wrote: > > "Most affected devices are high-grade WISP equipment" > > > > On Tue, Feb 5, 2019 at 9:23 AM Steve Jones > wrote: > >> am i the only one who shuts off discovery? >> >> On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: >> >>> Is it my imagination, or does that article veer off toward the end into >>> stuff that may not be Ubiquiti problems at all? And from the description >>> of the problem, I don’t see how it would lead to radios being “defaced”, >>> just used as an amplifier via Ubiquiti Discovery Protocol. >>> >>> >>> >>> *From:* AF *On Behalf Of *Jaime Solorza >>> *Sent:* Monday, February 4, 2019 7:00 PM >>> *To:* AnimalFarm Microwave Users Group >>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >>> attack | ZDNet >>> >>> >>> >>> >>> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
it's all relative On 2/5/2019 10:28 AM, Mathew Howard wrote: "Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones <mailto:thatoneguyst...@gmail.com>> wrote: am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof mailto:af...@kwisp.com>> wrote: Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. *From:* AF mailto:af-boun...@af.afmug.com>> *On Behalf Of *Jaime Solorza *Sent:* Monday, February 4, 2019 7:00 PM *To:* AnimalFarm Microwave Users Group mailto:af@af.afmug.com>> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
"Most affected devices are high-grade WISP equipment" On Tue, Feb 5, 2019 at 9:23 AM Steve Jones wrote: > am i the only one who shuts off discovery? > > On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: > >> Is it my imagination, or does that article veer off toward the end into >> stuff that may not be Ubiquiti problems at all? And from the description >> of the problem, I don’t see how it would lead to radios being “defaced”, >> just used as an amplifier via Ubiquiti Discovery Protocol. >> >> >> >> *From:* AF *On Behalf Of *Jaime Solorza >> *Sent:* Monday, February 4, 2019 7:00 PM >> *To:* AnimalFarm Microwave Users Group >> *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new >> attack | ZDNet >> >> >> >> >> https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
am i the only one who shuts off discovery? On Tue, Feb 5, 2019 at 8:25 AM Ken Hohhof wrote: > Is it my imagination, or does that article veer off toward the end into > stuff that may not be Ubiquiti problems at all? And from the description > of the problem, I don’t see how it would lead to radios being “defaced”, > just used as an amplifier via Ubiquiti Discovery Protocol. > > > > *From:* AF *On Behalf Of *Jaime Solorza > *Sent:* Monday, February 4, 2019 7:00 PM > *To:* AnimalFarm Microwave Users Group > *Subject:* [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new > attack | ZDNet > > > > > https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
Is it my imagination, or does that article veer off toward the end into stuff that may not be Ubiquiti problems at all? And from the description of the problem, I don’t see how it would lead to radios being “defaced”, just used as an amplifier via Ubiquiti Discovery Protocol. From: AF On Behalf Of Jaime Solorza Sent: Monday, February 4, 2019 7:00 PM To: AnimalFarm Microwave Users Group Subject: [AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
[AFMUG] Over 485, 000 Ubiquiti devices vulnerable to new attack | ZDNet
https://www.zdnet.com/article/over-485000-ubiquiti-devices-vulnerable-to-new-attack/ -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com